CVE-2006-7138
CVE-2006-7138 affects Oracle Application Express/HTMLDB (APEX) prior to 2.2. The issue is an SQL injection in WWV_FLOW_UTILITIES.gen_popup_list inside the WWV_FLOW_UTILITIES package, enabling remote authenticated users to alter P_LOV and calculate a matching MD5 checksum for P_LOV_CHECKSUM to exe...